Security Basics mailing list archives
SSH Private Key Handling Policy?
From: Matt Harrison <mharr19 () gmail com>
Date: Wed, 5 Aug 2009 09:45:26 -0400
All, I've reached an impasse' with our Unix folks and am looking for some outside opinions on how others have dealt with a similar issue. Any thoughts/direction you can provide would be much appreciated... Scenario: We have several hundred Solaris/Linux servers and its recently come to the security group's attention that the Unix admins are using SSH RSA/DSA keys instead of password authentication. No issues with that. They are also using the SSH keys inside scripts to authenticate service accounts communicating between boxes. No issues there either, however (and this is the rub), they are keeping the private keys unencrypted so the scripts are never prompted for a password - the script fires, gets the key, and auths without any prompting and therefore creating "passwordless/promptless SSH". The keys are owned by the service accounts to which roughly 100 people have access (unix admins, dba's, and the application admin teams). All it would take is a disgruntled employee to start snagging keys and start logging into the boxes causing havoc as the service user(s). So we've asked the Unix teams to secure the keys but their suggested method is to make the keys owned by root then have users run a script which would in essence sudo to root and use the key to open a connection then sudo back to their user. They've encrypted the private keys with a passphrase ... but set the passphrase to nothing (blank password). Obviously that doesn't work either. We've suggested the ssh-agent approach outlined in Daniel Robbins article here - http://www.ibm.com/developerworks/library/l-keyc.html - but they don't want to take that approach because it requires them to enter the passphrase which would have to be stored in the script calling the service account login process. Any ideas? mh ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- SSH Private Key Handling Policy? Matt Harrison (Aug 05)
- Re: SSH Private Key Handling Policy? Paul Hosking (Aug 10)
- RE: SSH Private Key Handling Policy? Jag Kalkal (Aug 11)
- <Possible follow-ups>
- Re: SSH Private Key Handling Policy? M8R-glhlio (Aug 07)
- Re: SSH Private Key Handling Policy? Paul Hosking (Aug 10)